[cairo-bugs] [Bug 10730] potential controllable integer overflow in cairo-png.c

bugzilla-daemon at freedesktop.org bugzilla-daemon at freedesktop.org
Wed Jun 13 15:52:40 PDT 2007


------- Comment #6 from freedesktop at behdad.org  2007-06-13 15:52 PST -------
> Best way to check overflow of a single multiplication of two unsigned integers
> is to check that the result is not less than any of them.  In fact, just
> checking one is enough.  That is, x * y has overflowed iff the result is < x. 
> For three, we can go by ((x * y) * z).

Oops, this was totally wrong.  It works for addition, not multiplication.  Now
I've made a fool out of myself :).

Vlad has a patch fixing this I believe.

Configure bugmail: http://bugs.freedesktop.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug, or are watching the QA contact.

More information about the cairo-bugs mailing list